What's new
Team OS : Your Only Destination To Custom OS !!

Welcome to TeamOS Community, Register or Login to the Community to Download Torrents, Get Access to Shoutbox, Post Replies, Use Search Engine and many more features. Register Today!

Tech News Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP

You must be registered for see links

Dec 21, 2023

Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild.

The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a
You must be registered for see links
in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution.

Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group (TAG) have been credited with discovering and reporting the flaw.

No other details about the security defect have been released to prevent further abuse, with Google
You must be registered for see links
that "an exploit for CVE-2023-7024 exists in the wild."

The development marks the resolution of the eighth actively exploited zero-day in Chrome since the start of the year -
  • You must be registered for see links
    (CVSS score: 8.8) - Type confusion in V8
  • You must be registered for see links
    (CVSS score: 9.6) - Integer overflow in Skia
  • You must be registered for see links
    (CVSS score: 8.8) - Type confusion in V8
  • You must be registered for see links
    (CVSS score: 8.8) - Type confusion in V8
  • You must be registered for see links
    (CVSS score: 8.8) - Heap buffer overflow in WebP
  • You must be registered for see links
    (CVSS score: 8.8) - Heap buffer overflow in vp8 encoding in libvpx
  • You must be registered for see links
    (CVSS score: 9.6) - Integer overflow in Skia
A total of 26,447 vulnerabilities have been disclosed so far in 2023, surpassing the previous year by over 1,500 CVEs, according to
You must be registered for see links
, with 115 flaws exploited by threat actors and ransomware groups.

Remote code execution, security feature bypass, buffer manipulation, privilege escalation, and input validation and parsing flaws emerged as the top vulnerability types.

Users are recommended to upgrade to Chrome version 120.0.6099.129/130 for Windows and 120.0.6099.129 for macOS and Linux to mitigate potential threats.

Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.

From: The Hacker News (THN)

Another day another security defect ......
 
Click to expand...
Twistty

Twistty

✅ Verified Member
Member
Downloaded
20.4 GB
Uploaded
7.4 TB
Ratio
372
Seedbonus
81,861
Upload Count
0 (0)
Member for 8 years
With Brave - I have AdGuard set as:
Disable WebRTC
"WebRTC can leak your IP address even if you use a proxy or a VPN. Disabling WebRTC can break some websites."
Not sure if that helps or not?
 
You must log in or register to reply here.
Top